
    Why Let’s Encrypt is a really, really, really bad idea…

    • C
      Curtis
      last edited by

      https://medium.com/swlh/why-lets-encrypt-is-a-really-really-really-bad-idea-d69308887801

      This guy...

      • dbeatoD
        dbeato
        last edited by

        ugh, Why make it all on Let's Encrypt? Same would happen when using any other CA authority for your TLS Certificates.

        • ObsolesceO
          Obsolesce @dbeato
          last edited by Obsolesce

          @dbeato said in Why Let’s Encrypt is a really, really, really bad idea…:

          ugh, Why make it all on Let's Encrypt? Same would happen when using any other CA authority for your TLS Certificates.

          He's a CISSP, they always have the best security insights, don't they?

          • dafyreD
            dafyre
            last edited by

            The author's concern is that it only takes one whoopsie to take over all of LE's certs. I agree with that, but that same thing has already happened to other CAs, so it's not really a point to argue.

            However, I disagree with his take that security shouldn't be fire & forget. Security absolutely should be fire & forget -- especially for things that are easily handled by automation. (LE Cert renewal, for instance). The more complex something is, the easier it is to accidentally create a security issue.

            • DustinB3403D
              DustinB3403
              last edited by

              What's worthwhile about automation like LE is that if the root CA was compromised, LE would simply revoke all certificates and create a new CA and issuance would begin again.

              He's acting like if someone isn't clicking "buy" that security is more vulnerable.

              • JaredBuschJ
                JaredBusch
                last edited by

                @DustinB3403 said in Why Let’s Encrypt is a really, really, really bad idea…:

                What's worthwhile about automation

                Except that is not what the idiot was talking about with fire and forget.

                He was assuming people were setting it up and not renewing things.

                Which means stupid users and has nothing to do with the technology.

                • DashrenderD
                  Dashrender
                  last edited by

                  (Certificate expiration, with no one paying attention, is why no one at Equifax knew they had been hacked for months.)

                  What? is that true? Equifax was hacked because they had an expired cert on their website - that doesn't compute.

                  • DashrenderD
                    Dashrender
                    last edited by

                    I'd love it if he'd define 'fire and forget'; it's too ambiguous to really know for sure.

                    • ObsolesceO
                      Obsolesce @Dashrender
                      last edited by

                      @Dashrender said in Why Let’s Encrypt is a really, really, really bad idea…:

                      (Certificate expiration, with no one paying attention, is why no one at Equifax knew they had been hacked for months.)

                      What? is that true? Equifax was hacked because they had an expired cert on their website - that doesn't compute.

                      I thought they were hacked because of CVE-2017-5638?

                      • DashrenderD
                        Dashrender @Obsolesce
                        last edited by

                        @Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:

                        CVE-2017-5638

                        Frankly I have no clue how they were hacked - but please, tell me how someone gets their servers hacked by having an expired cert on it?

                        Even if someone somehow got the private key for the cert, that doesn't let them breach the server, that only allows them to breach the communications between that server and a client.
                        right??

                        • DustinB3403D
                          DustinB3403 @Dashrender
                          last edited by DustinB3403

                          @Dashrender said in Why Let’s Encrypt is a really, really, really bad idea…:

                          Even if someone somehow got the private key for the cert, that doesn't let them breach the server, that only allows them to breach the communications between that server and a client.
                          right??

                          Yes, this doesn't get the person onto said server, it just allows someone to play MiM, which in practice could get the MiM onto the target server as the originating user.

                          • DashrenderD
                            Dashrender @DustinB3403
                            last edited by

                            @DustinB3403 said in Why Let’s Encrypt is a really, really, really bad idea…:

                            @Dashrender said in Why Let’s Encrypt is a really, really, really bad idea…:

                            Even if someone somehow got the private key for the cert, that doesn't let them breach the server, that only allows them to breach the communications between that server and a client.
                            right??

                            Yes, this doesn't get the person onto said server, it just allows someone to play MiM, which in practice could get the MiM onto the target server as the originating user.

                            eh? what originating user? you mean that being an MiM could allow them to get the admin creds and then log in as the admin? Ok I guess I could see that.

                            but again, an expired cert is not the same as having the public

                            • DustinB3403D
                              DustinB3403 @Dashrender
                              last edited by DustinB3403

                              @Dashrender said in Why Let’s Encrypt is a really, really, really bad idea…:

                              @DustinB3403 said in Why Let’s Encrypt is a really, really, really bad idea…:

                              @Dashrender said in Why Let’s Encrypt is a really, really, really bad idea…:

                              Even if someone somehow got the private key for the cert, that doesn't let them breach the server, that only allows them to breach the communications between that server and a client.
                              right??

                              Yes, this doesn't get the person onto said server, it just allows someone to play MiM, which in practice could get the MiM onto the target server as the originating user.

                              eh? what originating user? you mean that being an MiM could allow them to get the admin creds and then log in as the admin? Ok I guess I could see that.

                              but again, an expired cert is not the same as having the public

                              No I'm saying if as a user you went to bankofamerica.com and tried to login as your user account, a MiM could capture that information and login themselves.

                              Stolen creds at that point.

                              • DashrenderD
                                Dashrender @DustinB3403
                                last edited by

                                @DustinB3403 said in Why Let’s Encrypt is a really, really, really bad idea…:

                                @Dashrender said in Why Let’s Encrypt is a really, really, really bad idea…:

                                @DustinB3403 said in Why Let’s Encrypt is a really, really, really bad idea…:

                                @Dashrender said in Why Let’s Encrypt is a really, really, really bad idea…:

                                Even if someone somehow got the private key for the cert, that doesn't let them breach the server, that only allows them to breach the communications between that server and a client.
                                right??

                                Yes, this doesn't get the person onto said server, it just allows someone to play MiM, which in practice could get the MiM onto the target server as the originating user.

                                eh? what originating user? you mean that being an MiM could allow them to get the admin creds and then log in as the admin? Ok I guess I could see that.

                                but again, an expired cert is not the same as having the public

                                No I'm saying if as a user you went to bankofamerica.com and tried to login as your user account, a MiM could capture that information and login themselves.

                                Stolen creds at that point.

                                This assumes that the Cert is the only encryption happening

                                • ObsolesceO
                                  Obsolesce @Dashrender
                                  last edited by

                                  @Dashrender said in Why Let’s Encrypt is a really, really, really bad idea…:

                                  @DustinB3403 said in Why Let’s Encrypt is a really, really, really bad idea…:

                                  @Dashrender said in Why Let’s Encrypt is a really, really, really bad idea…:

                                  @DustinB3403 said in Why Let’s Encrypt is a really, really, really bad idea…:

                                  @Dashrender said in Why Let’s Encrypt is a really, really, really bad idea…:

                                  Even if someone somehow got the private key for the cert, that doesn't let them breach the server, that only allows them to breach the communications between that server and a client.
                                  right??

                                  Yes, this doesn't get the person onto said server, it just allows someone to play MiM, which in practice could get the MiM onto the target server as the originating user.

                                  eh? what originating user? you mean that being an MiM could allow them to get the admin creds and then log in as the admin? Ok I guess I could see that.

                                  but again, an expired cert is not the same as having the public

                                  No I'm saying if as a user you went to bankofamerica.com and tried to login as your user account, a MiM could capture that information and login themselves.

                                  Stolen creds at that point.

                                  This assumes that the Cert is the only encryption happening

                                  Your https connection to a web server, the cert is what is used to encrypt your connection. It has nothing to do with server security in any other sense.

                                  • Emad RE
                                    Emad R @Curtis
                                    last edited by

                                    @Curtis said in Why Let’s Encrypt is a really, really, really bad idea…:

                                    https://medium.com/swlh/why-lets-encrypt-is-a-really-really-really-bad-idea-d69308887801

                                    This guy...

                                    Actually he makes sense to me, if you have a website that is generating good revenue you should spend on SSL

                                    • DashrenderD
                                      Dashrender @Emad R
                                      last edited by

                                      @Emad-R said in Why Let’s Encrypt is a really, really, really bad idea…:

                                      @Curtis said in Why Let’s Encrypt is a really, really, really bad idea…:

                                      https://medium.com/swlh/why-lets-encrypt-is-a-really-really-really-bad-idea-d69308887801

                                      This guy...

                                      Actually he makes sense to me, if you have a website that is generating good revenue you should spend on SSL

                                      Are you saying to spend money just because you can?

                                      • C
                                        Curtis @Dashrender
                                        last edited by

                                        @Dashrender said in Why Let’s Encrypt is a really, really, really bad idea…:

                                        Are you saying to spend money just because you can?

                                        I’ll PM you my address @Emad-R - feel free to send as much money as you would like 🙂

                                        • stacksofplatesS
                                          stacksofplates @Emad R
                                          last edited by

                                          @Emad-R said in Why Let’s Encrypt is a really, really, really bad idea…:

                                          @Curtis said in Why Let’s Encrypt is a really, really, really bad idea…:

                                          https://medium.com/swlh/why-lets-encrypt-is-a-really-really-really-bad-idea-d69308887801

                                          This guy...

                                          Actually he makes sense to me, if you have a website that is generating good revenue you should spend on SSL

                                          Yeah I don't agree with that. The "warranties" that you get are literally useless and it's not possible to automate them. There is literally no upside to paying for one, even EV certs.

                                          Let's not forget that the TLS certs are not for ensuring it is a safe site. It's just a way to have an encrypted channel.

                                          • Emad RE
                                            Emad R @stacksofplates
                                            last edited by

                                            @stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:

                                            @Emad-R said in Why Let’s Encrypt is a really, really, really bad idea…:

                                            @Curtis said in Why Let’s Encrypt is a really, really, really bad idea…:

                                            https://medium.com/swlh/why-lets-encrypt-is-a-really-really-really-bad-idea-d69308887801

                                            This guy...

                                            Actually he makes sense to me, if you have a website that is generating good revenue you should spend on SSL

                                            Yeah I don't agree with that. The "warranties" that you get are literally useless and it's not possible to automate them. There is literally no upside to paying for one, even EV certs.

                                            Let's not forget that the TLS certs are not for ensuring it is a safe site. It's just a way to have an encrypted channel.

                                            What about being unique, or unlike the rest, won't that increase security? Like changing a port of SSH, the same method: you're not using a service that all the rest are using, like Let's Encrypt, thus by theory more secure.
